New Orleans Saints Head Coach Dennis Allen once said, “I think it boils down to our ability to execute…making sure everybody understands exactly what they’re all supposed to be doing so we can go out and actually perform that job…”
He was discussing football strategy, but he could have been discussing Cyber Security, too, since organizations and their Cyber Security partner need to work closely together to combat bad actors. It is important to stay in touch and collaborate, especially with the increasing level of cyber threats.
In late 2022, experts thought ransomware attacks were decreasing. But then 2023 got underway and ransomware attacks actually soared to a new record, according to published reports. So, the question is: how to prevent ransomware?
Threat actors frequently use phishing emails to launch their attacks, and unpatched systems provide them with additional opportunities to exploit known vulnerabilities. But, like studying the opposing team’s game plays, understanding trends can help businesses shape their defense.
Supply chains are a common target for cyberattacks. Criminals are extorting money from businesses of all sizes through these attacks. A key driver is the so-called Ransomware-as-a-Service (RaaS) kits, with prices starting from as little as $40. Gangs are also carrying out their attacks faster: the average number of days taken to execute has plunged from around 60 days in 2019 to only four in 2023.
At the same time, the attacks are becoming more sophisticated, thanks to advances in artificial intelligence. In one situation, the CEO of a British energy company sent $250,000 to a scammer.
The scammer pretended to be the boss of the parent company and asked the CEO to send money to a supplier. But the voice was actually generated using AI; in fact, deepfake video technology designed and sold for phishing frauds is now available online for as low as $20 per minute.
At the same time, the number of connected devices is growing: By 2025, over half of the world’s data is expected to come from Internet of Things (IoT) devices. This increase in connected devices will likely result in more Cyber Security threats in the future.
While IoT represents a boon for industry, each IoT-enabled device acts as another possible entry point for hackers. Similarly, lax security on mobile devices exposes both personal and business data to attack.
A Cyber Security expert can protect organizations from hacks. They can reduce the risk of Cyber Attacks and minimize any negative impact. Among other services, they can help guide you with such Cyber Safety steps as:
Limiting the Use of Remote Desktop Services– Threat actors frequently gain access to the target system through poorly secured remote services. Once they have initial access, they can easily move through your network.
Updating Your Cyber Security Awareness Training – Effective employee trainingwill teach users how to recognize signs of advanced social engineering. Engaging, gamified and other phishing simulations can help.
Segmenting Networks– Separating your network into distinct, contained parts, can make it difficult for attackers to move through the system. Minimizing users and resources – with access to each segment following the principle of least privilege – provides even more security.
Strengthening and Enforcing MFA– Implementing multi-factor authentication (MFA) can help to keep hackers out of your system.
Implementing Zero-Trust Architecture– This access management strategy involves requiring identity verification any time a user, application, or device requests system access.
Prioritizing Patching –known vulnerabilities in unpatched systems tempt bad actors. Automating your patch management will help to keep your defenses up to date.
Revisiting Your Backup Strategy – When ransomware hits, having a recent backup will speed recovery and reduce downtime.
Many organizations operate with reduced staff levels and will struggle to follow these and other security suggestions. Small businesses can access high-quality cyber security by working with a managed services provider whose experts can create a customized solution for your business that fits your needs and budget.
Carl Mazzanti is president of eMazzanti Technologies in Hoboken, NJ, providing IT Consulting and Cybersecurity Services for businesses ranging from home offices to multinational corporations.
